About the security content of Apple TV 7.2.1

This document describes the security content of Apple TV 7.2.1.

For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.

Apple TV 7.2.1

bootp

Available for: Apple TV (3rd generation)

Impact: A malicious Wi-Fi network may be able to determine networks a device has previously accessed

Description: Upon connecting to a Wi-Fi network, iOS may have broadcast MAC addresses of previously accessed networks via the DNAv4 protocol. This issue was addressed through disabling DNAv4 on unencrypted Wi-Fi networks.

CVE-ID

CVE-2015-3778 : Piers O'Hanlon of Oxford Internet Institute, University of Oxford (on the EPSRC Being There project)

CloudKit

Available for: Apple TV (3rd generation)

Impact: A malicious application may be able to access the iCloud user record of a previously signed in user

Description: A state inconsistency existed in CloudKit when signing out users. This issue was addressed through improved state handling.

CVE-ID

CVE-2015-3782 : Deepkanwal Plaha of University of Toronto

CFPreferences

Available for: Apple TV (3rd generation)

Impact: A malicious app may be able to read other apps' managed preferences

Description: An issue existed in the third-party app sandbox. This issue was addressed by improving the third-party sandbox profile.

CVE-ID

CVE-2015-3793 : Andreas Weinlein of the Appthority Mobility Threat Team

Code Signing

Available for: Apple TV (3rd generation)

Impact: A malicious application may be able to execute unsigned code

Description: An issue existed that allowed unsigned code to be appended to signed code in a specially crafted executable file. This issue was addressed through improved code signature validation.

Description: An issue existed in the way multi-architecture executable files were evaluated that could have allowed unsigned code to be executed. This issue was addressed through improved validation of executable files.

CVE-ID

CVE-2015-3803 : TaiG Jailbreak Team

Code Signing

Available for: Apple TV (3rd generation)

Impact: A local user may be able to execute unsigned code

Description: A validation issue existed in the handling of Mach-O files. This was addressed by adding additional checks.

CVE-ID

CVE-2015-3802 : TaiG Jailbreak Team

CVE-2015-3805 : TaiG Jailbreak Team

CoreMedia Playback

Available for: Apple TV (3rd generation)

Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution

Description: Two issues existed in how cookies were added to Content Security Policy report requests. Cookies were sent in cross-origin report requests in violation of the standard. Cookies set during regular browsing were sent in private browsing. These issues were addressed through improved cookie handling.

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Risks are inherent in the use of the Internet. Contact the vendor for additional information. Other company and product names may be trademarks of their respective owners.